← Back to all jobs

Information Security Analyst

Posted 53 days ago
$145k–155k / year
United States
Full-Time
infosec
analyst

Introduction

An inclusive work environment is an empowering one. At Cutover, we lead with empathy and enable others to succeed through curiosity, kindness, and self-expression.

Location

US, remote (CST or EST time zone), willing to travel to New York office for audits as required. We regret that we are unable to provide work visa sponsorship at this time.

About Cutover

Cutover provides enterprise technology operations teams with an AI-powered SaaS solution that automates and streamlines complex processes with intelligent runbooks. The Cutover solution enables teams to respond to incidents quickly, recover from IT outages, and manage cloud migrations with precision and efficiency. Cutover is used in many of the world's largest financial institutions to support their critical technology operations, including 5 out of the top 6 largest asset managers and 3 out of the top 5 US banks.

Job Description

We are looking for a versatile, proactive mid-Level Security Analyst to join our lean but high-impact security team. This “generalist” role offers a 360-degree view of Information Security and is designed for someone who thrives on variety—one day you’ll be leading a SOC 2 audit, and the next you’ll be triaging a security alert or refining our AWS security posture. As a key member of a small team, you won’t just be following a playbook; you’ll be writing it. You will have significant autonomy and the power to influence our global security strategy directly.

Responsibilities

  • Compliance & Audit Leadership: Support the maintenance of our compliance frameworks, specifically ISO 27001 and SOC2 Type II. You will need to be comfortable being a primary point of contact for external auditors.
  • Client Assurance: Own the end-to-end process for Client Audits and Security RFIs, translating our complex technical controls into clear, professional, and digestible responses for stakeholders.
  • Cloud Governance: Apply a GRC lens to our cloud environment, ensuring that our AWS infrastructure aligns with best practices (CIS benchmarks) and triage alerts in line with our internal risk appetite.
  • Incident Management & Triage: Monitor security tools and act as a first-to-second responder for alert triage. You’ll manage the lifecycle of security incidents, from discovery to post-mortem.
  • Third-Party Risk Management: Conduct thorough due diligence on suppliers, integrations , ensuring our supply chain meets our rigorous security standards.

Decision Making

Risk-Based Decision Making

Apply for This Job
Cutover
United States
View company profile
This company has 1 job
Share this job

Similar jobs

Showing 10 jobs